Posted
by
timothy
on Tuesday February 14, 2012 @12:16PM
from the always-been-at-war-with-elbonia dept.

New submitter sackbut writes with a story at Wired about the often-discussed concept of "cyberwarfare," and the worst-case scenarios that are sometimes presented as possible outcomes of concerted malicious hacking. According to Wired, which calls these scenarios "the new yellowcake," "[E]vidence to sustain such dire warnings is conspicuously absent. In many respects, rhetoric about cyber catastrophe resembles threat inflation we saw in the run-up to the Iraq War. And while Congress' passing of comprehensive cybersecurity legislation wouldn't lead to war, it could saddle us with an expensive and overreaching cyber-industrial complex."
Writes sackbut: "Perhaps good for programmers, but not so good for rights."

Civil rights? Sorry, you traded those away for temporary relief from intentionally induced fear. You no longer have any. Don't worry - any persisting illusions of said civil rights should dissipate soon.

No, we did not trade those civil rights away. Our elected representatives traded them for campaign donations from the military/industrial/cybersecurity complex. Not one of us got a vote to trade or not trade our rights away. That's the beauty of the representative democracy. Our hands stay clean.

They knew damn well that if they did not vote for the Patriot Act and other post-liberty laws that the corporate me

Is not a people at least tacitly responsible for what its leaders do at the end of the day?

Well, yes and no. People may not be "tacitly responsible" if they don't have sufficient information. There was a lot of public fear in the time after 9/11. The government at the time did nothing to try to alleviate that fear, and even created a bogus color-coded "alert" system that supposedly told the public of the "real" threat. We were at a constant yellow or orange, i

Orwell tried to warn us. See also his work on the use of language and using it as an agent of control (Chomsky says basically the same thing).

Orwell got a lot of things right, but his arguments about use of language were pretty wrong. You can't actually create Newspeak. If you start calling copyright infringement piracy, people start to think that pirates are cool and piracy means sticking it to The Man. If you decide that calling it piracy is no longer cutting it and start calling it theft, people will soon start making references to Robin Hood instead of Captain Jack Sparrow. (You must admit that the pigopolists bear a closer resemblance to the Sheriff of Nottingham than they do to the British Navy.)

Chomsky has it more right, but despite being a linguist his points aren't as much about language as information: The issue is that selection bias allows you to tell part of the truth, and then defy anyone to prove that your biased selection is empirically false rather than merely intentionally incomplete, leaving the general public with the impression that the things the media says are irrefutable because no one is allowed any opportunity to refute them. In other words, the problem is not that powerful people choose what you are allowed to say or even how you are allowed to say it, it is that the content of your message determines how large of an audience you are allowed to reach.

Orwell got a lot of things right, but his arguments about use of language were pretty wrong. You can't actually create Newspeak. If you start calling copyright infringement piracy, people start to think that pirates are cool and piracy means sticking it to The Man. If you decide that calling it piracy is no longer cutting it and start calling it theft, people will soon start making references to Robin Hood instead of Captain Jack Sparrow. (You must admit that the pigopolists bear a closer resemblance to the Sheriff of Nottingham than they do to the British Navy.)

First, most of the "people" you're referring to are proles in Orwell's vision. As long as they get their free bread, beer, and entertainment, they don't care about any of that stuff. As to the outer party members, or proles who are unfortunate enough to be perceptive and discontented, well, that's what the Thought Police are for. Either the malcontents accept Newspeak voluntarily, or after a visit to Room 101.

I think Orwell had that much right. If you can control the vocabulary, you can control the discussion. If you control the discussion, you can control the conclusion.

The only thing lacking right now is the means and will to unequivocally control the vocabulary. The pigopolists understand this, and probably concede they can't do that by force now, so they just beg their argument ("copyright infringement is theft because it's stealing from artists") and then power through the rest of the debate feeling confident they already have chosen the ground for the conflict. And by working behind the scenes and shaping laws (which are the only meaningful vocabulary in the whole milieu), they have a chance of succeeding.

I think Orwell had that much right. If you can control the vocabulary, you can control the discussion. If you control the discussion, you can control the conclusion.

What I'm saying is that you can't do that. The Party wants you to be able to say "The Party is good" and "Death to The Enemy," but if that vocabulary exists then you can use it to construct the sentence "Death to The Party" because language is combinatorial. And changing the name from Department of War to Department of Defense doesn't make people any less angry when you send their children to some miserable desert country to die for no apparent reason.

And that's the problem with creating Newspeak. No matter how many times you call yourself pro-life, your opponents are never going to call themselves anti-life. You'll almost never see a Democratic politician get on the television and denounce tax cuts, but you will see them advocating "revenue enhancements" or "making the rich pay their share" (meaning pay more, even though they already pay 90% of the taxes) etc.

Wrong. He was as uneasy as about corporations and their "Newspeak" as he was of communist and facist oppression. I say fascist since he did fight in the Spanish Civil was for the Republicans. And he did work for BBC propaganda during WWII. "The room" in the book was numbered 101, a room in the UK Ministry of Information Orwell worked in. It was part of his inspiration for the book. And the UK was supposed to be a democracy.

Japan surrendered on 15 August 1945. The surrender documents were signed on the USS Missouri on 2 September 1945. Therefore the US has not been at war since 2 September 1945.

So anyone who says we are at war is full of it.

The President does have limited war powers without a declared war. The President can attack another country and has 60 days to get Congressional approval. See the War Powers Act. By the way, the 60 day limit officially makes Obama an actual war criminal (as opposed to "The President has an

Is your Cyber-Stick Proactive? Does it Synergistically Integrate Intelligence across Multiple Threat Vectors, allowing you Drill Down through a Real-Time Data Matrix and turn Information into Actionable Intelligence? Does it support Robust Delegation, for Interdepartmental Collaboration and Public/Private Security Partnerships?

The problem is that right after you don't buy into the hype (and expensive products), some less-than-cluefull employee will give out his/her password over the phone, or download and run some malicious attachment.

Please note that the expensive solution being sold won't work any better than your leopard amulet, but you might be able to keep your job if you bought the "Industry Leading Solution", because, hey, how could you have done better than that?

The problem is that right after you don't buy into the hype (and expensive products), some less-than-cluefull employee will give out his/her password over the phone, or download and run some malicious attachment.

That is not really the problem. The problem is that too many congress critters subscribe to the Legislator's Fallacy: "Something must be done. This is something. Therefore, we must do this." If not for that, the existence of dim witted federal staffers could be resolved by firing them (or not hiring them in the first place) rather than spending a trillion dollars a year fighting an imagined enemy.

One of the things people have the hardest time accepting is that sometimes Bad Things Happen and the cost of preventing them exceeds the cost of allowing them to happen. In other cases the problem is a legitimate problem but the solution offered is totally irrational because the better solution requires goring the wrong constituency's ox, and with the rational solution taken off the table for political reasons, people are unhappy that the problem is not being solved and demand the outrageous and ineffective solution.

Of course, in this case it isn't really any of those things: This is just garden variety corruption. If you want to divert a trillion tax dollars into your own pocket then you need to pretend you're providing something of value to the general public. Saving them from imaginary cyber attacks (or whatever) is as good an excuse as any -- and hey, if there are no cyber attacks, it must mean they're doing their job. And if there are cyber attacks, it must mean they need more tax money.

The truth us that no one but the programmers want to make good and secure programs. It is the management that does not understands the insides to put unreasonable expectations, which leads to not working solutions. And it is the government to always request for a back-door capabilities, which again leads to UNSECURE programs.And good and bright example (not windows) is SCADA systems. The protocol that they defined and implemented is so wrong by design, so so so wrong, that i could now have 100 years just to start to explain how wrong it is. Just believe me. IT IS WRONG BY DESIGN.

The truth us that no one but the programmers want to make good and secure programs.

Not even most of the programmers I have come into contact with, either directly or via their code, want to make much of an effort at doing things correctly, much less securely. Some can't even be bothered to test thoroughly. Much of the time this is made worse by management pushing unreasonable schedules. Thus it is no wonder that many pieces of software are insecure and can be exploited.

Actually, borrowing a few stories over, something we'd learn from a mission to Mars is the old-SF mentality of "there's no room for moron managers". Of course, the trouble is, that those types are good at weasel dealing, but stuff like code security/robustness would suddenly matter if we got a broadcast from space like "Sorry to say this folks, the manager who insisted we run the mission 6 months early for political reasons just killed all of us. The embedded Oxygen manager software has a fatal flaw that gi

It really is sad - the foes of Net Neutrality and all that it stands for have completely taken control of the overall fight and the message. Those who would have an open 'net are now completely on the defensive, and never on the offensive anymore.

A waste of money. We have have no money for education, the elderly, the infirm, veterans, community development, R&D, or infrastructure. But we have plenty of money to sink into DHS, DoD, the secret police, the weapons industry, and the intelligence black hole.

I was expecting all the hordes of commenters from the recent NASA/Mars/fed. budget thread to also show up here, to again say "hurf durf, you guys, we just can't go on spending money we don't have!!!1! Don't you understand?!!?! Budgets!! Deficit!! Taxes!!! Entitlements!!!46% (or whatever)!!"

Ron Paul is not in the slightest bit serious. If he were ever to be elected President, he would have no real power to carry out the reforms he claims he will. Most of what he wants to do require legislation, and there is no way Congress will come close to passing what he wants. Ever. Ron Paul knows this - there's no way he can't - and he's clearly having a whale of a time on his libertarian soapbox. I have a lot of sympathy for his politics, but for effectiveness? No.

Cyber warfare seems very much like child pornography. There are plenty of people there claiming that there's child pornography everywhere in the internet, the FBI spends considerable resources fighting it.

Yet, after some 20 years browsing, after seeing countless examples of pornography of nearly all kinds, I have yet to see one single example of child pornography. I have never, ever, seen one photo or video of a child engaged in sex.

Proponents of the existence of child pornography have only one goal in mind

The opening scene of the film Brazil is a terrorist bombing perpetrated by the government. By the end of the film, it's revealed that the extent of the terrorists' actual activities extend little further than making unauthorized repair work.

In the past twelve months there have been not one but two cases where the DHS has claimed that a SCADA system has been taken down by foreign hackers, only to be refuted by actual analyses that point the blame at contractor ineptitude.

I couldn't help but notice how this "opinion piece" didn't bother to mention the use of Stuxnet and it's effect on the Iranian enrichment program. This was as prime an example of Cyberwarfare as you'll ever get.

I guess if you're a zealot on a platform, its customary to completely ignore anything that's counter productive to your agenda.

Not that I feel that sacrificing individual rights and/or providing the government with more power is the answer.More like user education...user education...user education!

didn't bother to mention the use of Stuxnet...This was as prime an example of Cyberwarfare as you'll ever get

Agreed. And for all the reactions of "but there's nothing to worry about"...in that case, would somebody tell Anonymous to stop playing their bloody stupid games and making people think there is something to worry about.

Script kiddies hacking to protest "oppressive rules" over the internet (aside: is Anonymous really made up almost entirely of 14 year old entitled rich brats? Because that's what they come off sounding like) is just silly. See a problem, real or perceived, and act in a way guaranteed to exac

Right on!
Google was attacked from within China. Change.org was attacked from within China when they were supporting a petition to release Ai WeiWei.
Are these attackers government sponsored? Let's hope so! If not, our predicament is even worse -- If relations between the US and China were to deteriorate, the Chinese government would try a plethora of other alternatives to meet its objectives, before escalating to full cyberwar. An independent, cybervigilante group would escalate to cyberwar much sooner.

While the term "cyberwarfare" is a bad analogy (as I have detailed [slashdot.org] in a previous topic), is it such a problem that a government wants to enforce security in certain infrastructural systems? The article writes nothing about what exactly is the problem with the plans.

I was puzzled by the seeming lack of security on so many "critical" sites, lately I have been entertaining the idea that maybe they are that way for reason, so that something could "happen" and accelerate the Internet lock-down which benefits not only the Government but the content owners (MPAA/RIAA/etc) as well.

However for the little I know about Internet security, it seems to be a task of "how hard can I make it" rather than creating an impenetrable fortresses of data.

Finally, at this late hour, they realize that they do not like freedom of speech, they do not enjoy liberty, that special interests and the unjust exercise of power are harmed or defeated by such blessings. They want the old system back, where the individual could scream into the wind and no one would hear it. Where only large media conglomerates had the coverage, and the privilege, to control "public opinion." They long for the days when "public opinion" was their opinion, and not off-message as it is now.

Rubbish. Warfare is ultimately the art of taking and controlling territory. Cyber attacks may play some part in this but when you win a "cyberwar" you've got no more territory and no more control. Further reading. [tandfonline.com]

Territory control is only a side effect of most wars. Most of the time, territory is gained for resources or to take away resources. There are other resources to take away or gain that are not geographically based - clear threat to financial stability is a simplistic example. That will certainly, through force, have the other side closer to suing for peace.

Air only (or officially air only) wars are a great counter example. You're not really taking territory, but controlling it. Why are you controlling

I don't think air wars are a counter example. Political conflicts are never solved from 30,000 feet. Yes, most wars are about resources on some level, but that is down to the politics of war. To get the crops, water, or copper out, you still need to be controlling the ground.

The main issue with cyber war, it seems to me, is one of controllable intent and resources. Stuxnet blew a massive amount of resource on a single shot. Some of that resource can be solved by throwing money and time at it but you

I agree with the overall tone of the article, but at the same time I am pretty skeptical that this is going to lead to an overblown cyber warfare capability. I guess it could lead to massively over budgeted security theater and rights-trampling clusterfuck legislation, but at the same time the trend I see as an infosec professional is to massively under-invest in information security and underestimate the threats.

Just today we learned that there were Chinese hackers in Nortel's network for a decade. Can y

it could saddle us with an expensive and overreaching cyber-industrial complex.

Ignoring the ridiculous use of "cyber," you replaced the wrong word -- "cyber-industrial" doesn't imply any public-private collusion the way "military-industrial" does. Perhaps you meant military-cyber complex? Or government-cyber complex? But either way, internet technologies are an industry, so "military-industrial complex" has that covered already.

Below and to the right of each comment is a small "Anti" symbol; click on this, and (optionally) explain why you consider the comment abusive. (Slashdot discussions are and should be robust; only cry "Abuse!" for comments that are utterly without redeeming value -- spam, racist ranting, etc. For everything else, use the other moderation options.) Reported comments will be reviewed and moderated by the editors, if appropriate.